The Scottish Ambulance Service (SAS) is investigating a leak of staff data relating to community first responders.
An email was sent earlier this year and included an attachment of an Excel file containing personal details. SAS took immediate effect once notified of the issue and have said that no patient data was at risk.
A SAS spokesperson said: “We are aware of an email sent out in error on January 16 which contained details of Community First Responders. Once notified of the administrative error, we took immediate action which included a thorough investigation and contacting all those who received the email to apologise and reassure them that it had been reported and was being managed in line with our policies.”
SAS has said the matter has been reported to the Information Commissioner in line with its processes and policies.
Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity, said: “The data leak that the SAS is experiencing just highlights how important employee education is when it comes to a robust cybersecurity approach.
“Over the last several years, we have witnessed many examples of data loss due to the unwitting release of rich document types to external parties. Unfortunately, users in general do not have great awareness of the types of metadata and other hidden data that is stored in Office document formats, and this can lead to leaks of personal, private or confidential data.